On 27/06/2011 14:19, Martin Kouba wrote: > Recently I've been using adapted code of CrawlerSessionManagerValve from > Tomcat 7 on Tomcat 6 (JBossWeb 2.1.4 respectively). It works well. > However I observed a lot of HTTP sessions that were created even if > CrawlerSessionManagerValve logged sucessfull bot detection. Finally I > found that problem is in the way CrawlerSessionManagerValve removes > expired session infos. See > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.tomcat/tomcat-catalina/7.0.14/org/apache/catalina/valves/CrawlerSessionManagerValve.java#CrawlerSessionManagerValve.backgroundProcess%28%29. > > > The problem occurs in case of bot makes pause between requests that > lasts at least "sessionInactiveInterval" and is not shorter than > "sessionInactiveInterval" + 60 seconds. In this situation the real HTTP > session is already destroyed but corresponding SessionInfo still exists. > CrawlerSessionManagerValve detects bot and finds SessionInfo. New HTTP > session is created but CrawlerSessionManagerValve just changes > sessionInfo lastAccessed property (because sessionInfo != null). > > The problem code is in method backgroundProcess() where expireTime is > resolved: (sessionInactiveInterval + 60) * 1000. It's possible that > those +60 seconds have some meaning nevertheless they may cause creation > of hundreds of useless HTTP sessions. My opinion is that > backgroundProcess() is not the right way to remove expired session > infos. I guess that more suitable solution is to make > CrawlerSessionManagerValve implementor of > org.apache.catalina.SessionListener and remove expired session info on > SESSION_DESTROYED_EVENT. I tried to modify the code and it seems that > CrawlerSessionManagerValve works now even better.
I had seen something similar in the ASF Jirs instance and hadn't found the time to get to the bottom of it. Your analysis looks good. I'll update the Valve accordingly for the next 7.0.x release. Cheers, Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
